diff --git a/server/skillhub-app/src/main/java/com/iflytek/skillhub/service/AuthMethodCatalog.java b/server/skillhub-app/src/main/java/com/iflytek/skillhub/service/AuthMethodCatalog.java index 84324f18c..cc927801e 100644 --- a/server/skillhub-app/src/main/java/com/iflytek/skillhub/service/AuthMethodCatalog.java +++ b/server/skillhub-app/src/main/java/com/iflytek/skillhub/service/AuthMethodCatalog.java @@ -43,6 +43,7 @@ public AuthMethodCatalog(OAuth2ClientProperties oAuth2ClientProperties, public List listOAuthProviders(String returnTo) { String sanitizedReturnTo = OAuthLoginRedirectSupport.sanitizeReturnTo(returnTo); return new ArrayList<>(oAuth2ClientProperties.getRegistration().entrySet().stream() + .filter(entry -> isValidOAuthProvider(entry.getValue())) .sorted(Comparator.comparing(entry -> entry.getKey())) .map(entry -> new AuthProviderResponse( entry.getKey(), @@ -54,6 +55,19 @@ public List listOAuthProviders(String returnTo) { .toList()); } + /** + * Check if an OAuth provider has valid configuration (non-empty client-id that is not a placeholder). + */ + private boolean isValidOAuthProvider(OAuth2ClientProperties.Registration registration) { + String clientId = registration.getClientId(); + if (clientId == null || clientId.isBlank()) { + return false; + } + // Filter out placeholder values used in dev/test configs + String lowerClientId = clientId.toLowerCase(); + return !lowerClientId.contains("placeholder") && !lowerClientId.contains("local-placeholder"); + } + public List listMethods(String returnTo) { String sanitizedReturnTo = OAuthLoginRedirectSupport.sanitizeReturnTo(returnTo); List methods = new ArrayList<>(); @@ -67,6 +81,7 @@ public List listMethods(String returnTo) { )); oAuth2ClientProperties.getRegistration().entrySet().stream() + .filter(entry -> isValidOAuthProvider(entry.getValue())) .sorted(Comparator.comparing(entry -> entry.getKey())) .forEach(entry -> methods.add(new AuthMethodResponse( "oauth-" + entry.getKey(),